Motorola Solutions to lead CISA-recognized cybersecurity group for public safety

Motorola Solutions recently announced the establishment of the Public Safety Threat Alliance, which is believed to be the first information sharing and analysis organization (ISAO) dedicated to public safety that is recognized by the Cybersecurity and Infrastructure Security Agency (CISA) within the U.S. Department of Homeland Security (DHS).

Public-safety members of the Public Safety Threat Alliance (PSTA) will be able to share cyberthreat information and analyze such information from multiple sources—the goal of a 2015 executive order that identified ISAOs as vehicles for sharing cybersecurity information and best practices.

Brad Stoddard, a member of the National Council of Statewide Interoperability Coordinators (NCSWIC) and director of the Michigan Public Safety Communications Systems (MPSCS), said he believes having an ISAO focus on the public-safety sector will be beneficial. Public-safety representatives have been able to get cyberthreat information from other sources, but not all of the information is relevant to first-responder communications—and sometimes the personnel receiving the information didn’t recognize its public-safety significance, he said.

“In the different states or territories, the IT teams don’t necessarily have a depth of understanding of emergency communications,” Stoddard said during an interview with IWCE’s Urgent Communications. “And that’s not just [land mobile] radio—it could be 911, alert and warning, amateur radio and all of those pieces.”

Tasha Cornish, executive director for the Cybersecurity Association of Maryland—an organization that helps cybersecurity companies grow and provides cybersecurity educational resources to companies and end-user customers—also expressed support for the creation of a public-safety-specific ISAO.

“We were really excited about the announcement of the ISAO,” Cornish said during an interview with IWCE’s Urgent Communications. “We know that a lot of state and local agencies are working really hard to remain cyber prepared, but they have a lot of hats—they don’t often have time to process the threat intelligence that comes through.

“Through the ISAO, this is really a game-changer for those organizations, who will now have actionable steps and resources to protect their systems and data.”

Billy Bob Brown, Jr., CISA’s executive assistant director for emergency communications, echoed this sentiment.

“The establishment of the Public Safety Threat Alliance fills a critical void, creating a single entity entirely focused on the collection, analysis, production and sharing of actionable public safety-focused cyber threat information and intelligence,” Brown said in a prepared statement. “Now, the public-safety community is better equipped to focus their cyber threat intelligence and defense efforts on specific adversaries and their malicious cyberattacks.”

With its considerable investments in the first-responder sector and its resources, Motorola Solutions is a “natural fit” to lead a public-safety-focused ISAO, Stoddard said.

Public-safety entities are eligible to join the PSTA at no cost and receive cybersecurity information released by the group. Information provided by public-safety agencies to the PSTA will be processed by Motorola Solutions, according to answers provided by the company in response to questions to IWCE’s Urgent Communications.

“Members are not required to share any information,” according to the Motorola Solutions response. “However, the more information and intelligence members share with the PSTA about cyberattacks and hacking threats, the better positioned it will be to help ensure the overall cybersecurity posture of the public-safety community.

“As head of the ISAO, Motorola Solutions will access and anonymize raw information and intelligence received to create an actionable intelligence product for agencies to use in thwarting successful hacks and cyberattacks.”

Cornish said she believes that PSTA members will be more comfortable sharing cybersecurity information than in the past, given the ever-changing digital environment that has seen an explosion in ransomware attacks and other cyberthreats.

“I think that threat sharing has been socialized enough now that people are starting to recognize the real strength in the reporting, much more so than even a few years ago,” Cornish said.

In addition, systems used by public safety and other critical-infrastructure entities are being targeted with increasing frequency by sophisticated actors representing nation-states, according to Cornish.

“It’s very scary, because we know that many of their targets are these critical infrastructures that used to be off limits, but now, nothing is off limits,” Cornish said.

Scott Kaine, Motorola Solutions’ corporate vice president of cybersecurity, said recent cybersecurity statistics reinforce the need for the PSTA.

“For example, it’s been reported that there was a 1,885 percent increase in ransomware attacks against governments worldwide in 2021,” said Scott Kaine, corporate vice president of Cybersecurity, Motorola Solutions. “With cyberthreats increasing in scope, scale and complexity, the Public Safety Threat Alliance can help to dramatically increase the efficacy with which intelligence is used to monitor, detect and respond to potential threats before they result in downtime of public safety services.”

For many years, cybersecurity was not considered to be an urgent priority for many public-safety entities, because most of their mission-critical systems were isolated in “silos.” But that dynamic has changed significantly during the past two decades, as policies—and funding—have been developed that encourage interoperability and connectivity between a variety of systems, enabling new functionalities and efficiencies.

But that this new level of connectivity between systems—many of which have very different security profiles—also expands the risk of cyberthreats, Stoddard said. Through an ISAO, there is a greater chance that all entities within an interoperable ecosystem have similar knowledge of the cyberthreat landscape at a given time, improving the security for all entities involved, he said.

“Now, everyone’s going to be connected together, … so it’s a mutual risk across everybody,” Stoddard said. “It doesn’t matter what system it is, they all have some level of connection, and that’s the same across all of the states and territories.”

Cornish agreed.

“Every couple of weeks—sometimes more frequently than that—I hear another story of somebody getting in through an attack vector that folks didn’t even know was connected to the Internet,” Cornish said. “They didn’t even know it could be a source of entry into the network.

“They [Motorola Solutions] have their work cut out for them. There’s a lot of data to sort through, … but I am secure in knowing that they will be able to figure out and bring to the top what are really the biggest threats to public safety.”

Motorola Solutions plans to reach out “in the coming weeks” to its public-safety customer base—the largest in the sector—with information outlining how agencies can participate in the PSTA, according to a company spokesperson.

“Membership in the PSTA is open to all public-safety agencies, who will receive public-safety information sharing and analysis (i.e., studies, reports, anonymized proprietary data, publicly reported data and closed source cyber intelligence), free of charge,” according to the Motorola Solutions response provided to IWCE’s Urgent Communications.

Agencies that are not Motorola Solutions customers are welcome to join the ISAO. However, Stoddard and Cornish acknowledged that such arrangements could be more complicated to execute practically, given potential concerns surrounding the prospect of sharing sensitive nature of system information with another vendor.